package com.sh.rbac.core.encrypt.filter.wrapper;

import cn.hutool.core.util.RandomUtil;
import com.sh.rbac.core.encrypt.util.EncryptUtils;
import jakarta.servlet.ServletOutputStream;
import jakarta.servlet.WriteListener;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletResponseWrapper;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;

/**
 * 响应体加密包装器
 *
 * @author wb
 * @since 2025-10-23
 */
public class EncryptResponseBodyWrapper extends HttpServletResponseWrapper {

    private final ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
    private ServletOutputStream servletOutputStream;
    private PrintWriter printWriter;


    public EncryptResponseBodyWrapper(HttpServletResponse response) {
        super(response);
    }


    @Override
    public ServletOutputStream getOutputStream() throws IOException {
        return new ServletOutputStream() {
            @Override
            public boolean isReady() {
                return false;
            }

            @Override
            public void setWriteListener(WriteListener writeListener) {

            }

            @Override
            public void write(int b) throws IOException {
                byteArrayOutputStream.write(b);
            }
        };
    }

    @Override
    public PrintWriter getWriter() throws IOException {
        if (servletOutputStream != null) {
            throw new IllegalStateException("getOutputStream() has already been called for this response");
        }

        if (printWriter == null) {
            printWriter = new PrintWriter(byteArrayOutputStream);
        }

        return printWriter;
    }

    @Override
    public void reset() {
        byteArrayOutputStream.reset();
    }

    @Override
    public void flushBuffer() throws IOException {
        if (printWriter != null) {
            printWriter.flush();
        } else if (servletOutputStream != null) {
            servletOutputStream.flush();
        }
    }

    /**
     * 获取响应体
     *
     * @return 响应体
     * @throws IOException IOException
     */
    public byte[] getCaptureAsBytes() throws IOException {
        if (printWriter != null) {
            printWriter.close();
        } else if (servletOutputStream != null) {
            servletOutputStream.close();
        }

        return byteArrayOutputStream.toByteArray();
    }

    /**
     * 获取响应体
     *
     * @return 响应体
     * @throws IOException IOException
     */
    public String getCaptureAsString() throws IOException {
        return byteArrayOutputStream.toString();
    }


    public String getEncryptContent(HttpServletResponse response, String publicKey,String headerFlag) throws IOException {
        String aesKey = RandomUtil.randomString(32);
        String encryptByBase64 = EncryptUtils.encryptByBase64(aesKey);
        String encryptByRsa = EncryptUtils.encryptByRsa(encryptByBase64, publicKey);

        // 设置响应头
        response.setHeader(headerFlag, encryptByRsa);
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers", "*");
        response.setHeader("Access-Control-Allow-Methods", "*");
        response.setHeader("Access-Control-Expose-Headers", "*");

        response.setCharacterEncoding(StandardCharsets.UTF_8.toString());

        return EncryptUtils.encryptByAes(getCaptureAsString(), aesKey);
    }
}
